directus 9.12.2 → 9.14.1

package/dist/app.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -169,13 +173,18 @@ async function createApp() {
         // Set the App's base path according to the APIs public URL
         const html = await fs_extra_1.default.readFile(adminPath, 'utf8');
         const htmlWithBase = html.replace(/<base \/>/, `<base href="${adminUrl.toString({ rootRelative: true })}/" />`);
-        const noCacheIndexHtmlHandler = (_req, res) => {
+        const sendHtml = (_req, res) => {
             res.setHeader('Cache-Control', 'no-cache');
+            res.setHeader('Vary', 'Origin, Cache-Control');
             res.send(htmlWithBase);
         };
-        app.get('/admin', noCacheIndexHtmlHandler);
-        app.use('/admin', express_1.default.static(path_1.default.join(adminPath, '..')));
-        app.use('/admin/*', noCacheIndexHtmlHandler);
+        const setStaticHeaders = (res) => {
+            res.setHeader('Cache-Control', 'max-age=31536000, immutable');
+            res.setHeader('Vary', 'Origin, Cache-Control');
+        };
+        app.get('/admin', sendHtml);
+        app.use('/admin', express_1.default.static(path_1.default.join(adminPath, '..'), { setHeaders: setStaticHeaders }));
+        app.use('/admin/*', sendHtml);
     }
     // use the rate limiter - all routes for now
     if (env_1.default.RATE_LIMITER_ENABLED === true) {

package/dist/auth/drivers/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/auth/drivers/ldap.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/auth/drivers/oauth2.js

@@ -4,6 +4,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createOAuth2AuthRouter = exports.OAuth2AuthDriver = void 0;
+const exceptions_1 = require("@directus/shared/exceptions");
+const utils_1 = require("@directus/shared/utils");
 const express_1 = require("express");
 const flat_1 = __importDefault(require("flat"));
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
@@ -11,14 +13,13 @@ const ms_1 = __importDefault(require("ms"));
 const openid_client_1 = require("openid-client");
 const auth_1 = require("../../auth");
 const env_1 = __importDefault(require("../../env"));
-const exceptions_1 = require("../../exceptions");
+const exceptions_2 = require("../../exceptions");
 const logger_1 = __importDefault(require("../../logger"));
 const respond_1 = require("../../middleware/respond");
 const services_1 = require("../../services");
 const async_handler_1 = __importDefault(require("../../utils/async-handler"));
 const get_config_from_env_1 = require("../../utils/get-config-from-env");
 const get_ip_from_req_1 = require("../../utils/get-ip-from-req");
-const parse_json_1 = require("../../utils/parse-json");
 const url_1 = require("../../utils/url");
 const local_1 = require("./local");
 class OAuth2AuthDriver extends local_1.LocalAuthDriver {
@@ -26,7 +27,7 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
         super(options, config);
         const { authorizeUrl, accessUrl, profileUrl, clientId, clientSecret, ...additionalConfig } = config;
         if (!authorizeUrl || !accessUrl || !profileUrl || !clientId || !clientSecret || !additionalConfig.provider) {
-            throw new exceptions_1.InvalidConfigException('Invalid provider config', { provider: additionalConfig.provider });
+            throw new exceptions_2.InvalidConfigException('Invalid provider config', { provider: additionalConfig.provider });
         }
         const redirectUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('auth', 'login', additionalConfig.provider, 'callback');
         this.redirectUrl = redirectUrl.toString();
@@ -81,7 +82,7 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
     async getUserID(payload) {
         if (!payload.code || !payload.codeVerifier) {
             logger_1.default.trace('[OAuth2] No code or codeVerifier in payload');
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         let tokenSet;
         let userInfo;
@@ -100,7 +101,7 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
         const identifier = userInfo[identifierKey] ? String(userInfo[identifierKey]) : email;
         if (!identifier) {
             logger_1.default.warn(`[OAuth2] Failed to find user identifier for provider "${provider}"`);
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         const userId = await this.fetchUserId(identifier);
         if (userId) {
@@ -115,7 +116,7 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
         // Is public registration allowed?
         if (!allowPublicRegistration) {
             logger_1.default.trace(`[OAuth2] User doesn't exist, and public registration not allowed for provider "${provider}"`);
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         await this.usersService.createOne({
             provider,
@@ -135,7 +136,7 @@ class OAuth2AuthDriver extends local_1.LocalAuthDriver {
         let authData = user.auth_data;
         if (typeof authData === 'string') {
             try {
-                authData = (0, parse_json_1.parseJSON)(authData);
+                authData = (0, utils_1.parseJSON)(authData);
             }
             catch {
                 logger_1.default.warn(`[OAuth2] Session data isn't valid JSON: ${authData}`);
@@ -163,11 +164,11 @@ const handleError = (e) => {
         if (e.error === 'invalid_grant') {
             // Invalid token
             logger_1.default.trace(e, `[OAuth2] Invalid grant`);
-            return new exceptions_1.InvalidTokenException();
+            return new exceptions_2.InvalidTokenException();
         }
         // Server response error
         logger_1.default.trace(e, `[OAuth2] Unknown OP error`);
-        return new exceptions_1.ServiceUnavailableException('Service returned unexpected response', {
+        return new exceptions_2.ServiceUnavailableException('Service returned unexpected response', {
             service: 'oauth2',
             message: e.error_description,
         });
@@ -175,7 +176,7 @@ const handleError = (e) => {
     else if (e instanceof openid_client_1.errors.RPError) {
         // Internal client error
         logger_1.default.trace(e, `[OAuth2] Unknown RP error`);
-        return new exceptions_1.InvalidCredentialsException();
+        return new exceptions_2.InvalidCredentialsException();
     }
     logger_1.default.trace(e, `[OAuth2] Unknown error`);
     return e;
@@ -204,7 +205,7 @@ function createOAuth2AuthRouter(providerName) {
         }
         catch (e) {
             logger_1.default.warn(e, `[OAuth2] Couldn't verify OAuth2 cookie`);
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         const { verifier, redirect, prompt } = tokenData;
         const authenticationService = new services_1.AuthenticationService({
@@ -229,22 +230,13 @@ function createOAuth2AuthRouter(providerName) {
         }
         catch (error) {
             // Prompt user for a new refresh_token if invalidated
-            if (error instanceof exceptions_1.InvalidTokenException && !prompt) {
+            if (error instanceof exceptions_2.InvalidTokenException && !prompt) {
                 return res.redirect(`./?${redirect ? `redirect=${redirect}&` : ''}prompt=true`);
             }
             if (redirect) {
                 let reason = 'UNKNOWN_EXCEPTION';
-                if (error instanceof exceptions_1.ServiceUnavailableException) {
-                    reason = 'SERVICE_UNAVAILABLE';
-                }
-                else if (error instanceof exceptions_1.InvalidCredentialsException) {
-                    reason = 'INVALID_USER';
-                }
-                else if (error instanceof exceptions_1.InvalidTokenException) {
-                    reason = 'INVALID_TOKEN';
-                }
-                else if (error instanceof exceptions_1.InvalidProviderException) {
-                    reason = 'INVALID_PROVIDER';
+                if (error instanceof exceptions_1.BaseException) {
+                    reason = error.code;
                 }
                 else {
                     logger_1.default.warn(error, `[OAuth2] Unexpected error during OAuth2 login`);

package/dist/auth/drivers/openid.js

@@ -4,6 +4,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createOpenIDAuthRouter = exports.OpenIDAuthDriver = void 0;
+const exceptions_1 = require("@directus/shared/exceptions");
+const utils_1 = require("@directus/shared/utils");
 const express_1 = require("express");
 const flat_1 = __importDefault(require("flat"));
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
@@ -11,14 +13,13 @@ const ms_1 = __importDefault(require("ms"));
 const openid_client_1 = require("openid-client");
 const auth_1 = require("../../auth");
 const env_1 = __importDefault(require("../../env"));
-const exceptions_1 = require("../../exceptions");
+const exceptions_2 = require("../../exceptions");
 const logger_1 = __importDefault(require("../../logger"));
 const respond_1 = require("../../middleware/respond");
 const services_1 = require("../../services");
 const async_handler_1 = __importDefault(require("../../utils/async-handler"));
 const get_config_from_env_1 = require("../../utils/get-config-from-env");
 const get_ip_from_req_1 = require("../../utils/get-ip-from-req");
-const parse_json_1 = require("../../utils/parse-json");
 const url_1 = require("../../utils/url");
 const local_1 = require("./local");
 class OpenIDAuthDriver extends local_1.LocalAuthDriver {
@@ -26,7 +27,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         super(options, config);
         const { issuerUrl, clientId, clientSecret, ...additionalConfig } = config;
         if (!issuerUrl || !clientId || !clientSecret || !additionalConfig.provider) {
-            throw new exceptions_1.InvalidConfigException('Invalid provider config', { provider: additionalConfig.provider });
+            throw new exceptions_2.InvalidConfigException('Invalid provider config', { provider: additionalConfig.provider });
         }
         const redirectUrl = new url_1.Url(env_1.default.PUBLIC_URL).addPath('auth', 'login', additionalConfig.provider, 'callback');
         const clientOptionsOverrides = (0, get_config_from_env_1.getConfigFromEnv)(`AUTH_${config.provider.toUpperCase()}_CLIENT_`, [`AUTH_${config.provider.toUpperCase()}_CLIENT_ID`, `AUTH_${config.provider.toUpperCase()}_CLIENT_SECRET`], 'underscore');
@@ -38,7 +39,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
                 .then((issuer) => {
                 const supportedTypes = issuer.metadata.response_types_supported;
                 if (!(supportedTypes === null || supportedTypes === void 0 ? void 0 : supportedTypes.includes('code'))) {
-                    reject(new exceptions_1.InvalidConfigException('OpenID provider does not support required code flow', {
+                    reject(new exceptions_2.InvalidConfigException('OpenID provider does not support required code flow', {
                         provider: additionalConfig.provider,
                     }));
                 }
@@ -50,7 +51,10 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
                     ...clientOptionsOverrides,
                 }));
             })
-                .catch(reject);
+                .catch((e) => {
+                logger_1.default.error(e, '[OpenID] Failed to fetch provider config');
+                process.exit(1);
+            });
         });
     }
     generateCodeVerifier() {
@@ -88,7 +92,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
     async getUserID(payload) {
         if (!payload.code || !payload.codeVerifier) {
             logger_1.default.trace('[OpenID] No code or codeVerifier in payload');
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         let tokenSet;
         let userInfo;
@@ -114,7 +118,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         const identifier = userInfo[identifierKey !== null && identifierKey !== void 0 ? identifierKey : 'sub'] ? String(userInfo[identifierKey !== null && identifierKey !== void 0 ? identifierKey : 'sub']) : email;
         if (!identifier) {
             logger_1.default.warn(`[OpenID] Failed to find user identifier for provider "${provider}"`);
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         const userId = await this.fetchUserId(identifier);
         if (userId) {
@@ -130,7 +134,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         // Is public registration allowed?
         if (!allowPublicRegistration || !isEmailVerified) {
             logger_1.default.trace(`[OpenID] User doesn't exist, and public registration not allowed for provider "${provider}"`);
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         await this.usersService.createOne({
             provider,
@@ -150,7 +154,7 @@ class OpenIDAuthDriver extends local_1.LocalAuthDriver {
         let authData = user.auth_data;
         if (typeof authData === 'string') {
             try {
-                authData = (0, parse_json_1.parseJSON)(authData);
+                authData = (0, utils_1.parseJSON)(authData);
             }
             catch {
                 logger_1.default.warn(`[OpenID] Session data isn't valid JSON: ${authData}`);
@@ -179,11 +183,11 @@ const handleError = (e) => {
         if (e.error === 'invalid_grant') {
             // Invalid token
             logger_1.default.trace(e, `[OpenID] Invalid grant`);
-            return new exceptions_1.InvalidTokenException();
+            return new exceptions_2.InvalidTokenException();
         }
         // Server response error
         logger_1.default.trace(e, `[OpenID] Unknown OP error`);
-        return new exceptions_1.ServiceUnavailableException('Service returned unexpected response', {
+        return new exceptions_2.ServiceUnavailableException('Service returned unexpected response', {
             service: 'openid',
             message: e.error_description,
         });
@@ -191,7 +195,7 @@ const handleError = (e) => {
     else if (e instanceof openid_client_1.errors.RPError) {
         // Internal client error
         logger_1.default.trace(e, `[OpenID] Unknown RP error`);
-        return new exceptions_1.InvalidCredentialsException();
+        return new exceptions_2.InvalidCredentialsException();
     }
     logger_1.default.trace(e, `[OpenID] Unknown error`);
     return e;
@@ -220,7 +224,7 @@ function createOpenIDAuthRouter(providerName) {
         }
         catch (e) {
             logger_1.default.warn(e, `[OpenID] Couldn't verify OpenID cookie`);
-            throw new exceptions_1.InvalidCredentialsException();
+            throw new exceptions_2.InvalidCredentialsException();
         }
         const { verifier, redirect, prompt } = tokenData;
         const authenticationService = new services_1.AuthenticationService({
@@ -245,23 +249,14 @@ function createOpenIDAuthRouter(providerName) {
         }
         catch (error) {
             // Prompt user for a new refresh_token if invalidated
-            if (error instanceof exceptions_1.InvalidTokenException && !prompt) {
+            if (error instanceof exceptions_2.InvalidTokenException && !prompt) {
                 return res.redirect(`./?${redirect ? `redirect=${redirect}&` : ''}prompt=true`);
             }
             logger_1.default.warn(error);
             if (redirect) {
                 let reason = 'UNKNOWN_EXCEPTION';
-                if (error instanceof exceptions_1.ServiceUnavailableException) {
-                    reason = 'SERVICE_UNAVAILABLE';
-                }
-                else if (error instanceof exceptions_1.InvalidCredentialsException) {
-                    reason = 'INVALID_USER';
-                }
-                else if (error instanceof exceptions_1.InvalidTokenException) {
-                    reason = 'INVALID_TOKEN';
-                }
-                else if (error instanceof exceptions_1.InvalidProviderException) {
-                    reason = 'INVALID_PROVIDER';
+                if (error instanceof exceptions_1.BaseException) {
+                    reason = error.code;
                 }
                 else {
                     logger_1.default.warn(error, `[OpenID] Unexpected error during OpenID login`);

package/dist/cli/commands/bootstrap/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/cli/commands/schema/apply.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -23,6 +27,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.apply = void 0;
+const utils_1 = require("@directus/shared/utils");
 const chalk_1 = __importDefault(require("chalk"));
 const fs_1 = require("fs");
 const inquirer_1 = __importDefault(require("inquirer"));
@@ -34,7 +39,6 @@ const logger_1 = __importDefault(require("../../../logger"));
 const apply_snapshot_1 = require("../../../utils/apply-snapshot");
 const get_snapshot_1 = require("../../../utils/get-snapshot");
 const get_snapshot_diff_1 = require("../../../utils/get-snapshot-diff");
-const parse_json_1 = require("../../../utils/parse-json");
 async function apply(snapshotPath, options) {
     var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m;
     const filename = path_1.default.resolve(process.cwd(), snapshotPath);
@@ -53,7 +57,7 @@ async function apply(snapshotPath, options) {
             snapshot = (await (0, js_yaml_1.load)(fileContents));
         }
         else {
-            snapshot = (0, parse_json_1.parseJSON)(fileContents);
+            snapshot = (0, utils_1.parseJSON)(fileContents);
         }
         const currentSnapshot = await (0, get_snapshot_1.getSnapshot)({ database });
         const snapshotDiff = (0, get_snapshot_diff_1.getSnapshotDiff)(currentSnapshot, snapshot);

package/dist/cli/commands/schema/snapshot.d.ts

@@ -1,4 +1,4 @@
-export declare function snapshot(snapshotPath: string, options?: {
+export declare function snapshot(snapshotPath?: string, options?: {
     yes: boolean;
     format: 'json' | 'yaml';
 }): Promise<void>;

package/dist/cli/commands/schema/snapshot.js

@@ -13,38 +13,46 @@ const inquirer_1 = __importDefault(require("inquirer"));
 const js_yaml_1 = require("js-yaml");
 const cache_1 = require("../../../cache");
 async function snapshot(snapshotPath, options) {
-    const filename = path_1.default.resolve(process.cwd(), snapshotPath);
-    let snapshotExists;
-    try {
-        await fs_1.promises.access(filename, fs_1.constants.F_OK);
-        snapshotExists = true;
-    }
-    catch {
-        snapshotExists = false;
-    }
-    if (snapshotExists && (options === null || options === void 0 ? void 0 : options.yes) === false) {
-        const { overwrite } = await inquirer_1.default.prompt([
-            {
-                type: 'confirm',
-                name: 'overwrite',
-                message: 'Snapshot already exists. Do you want to overwrite the file?',
-            },
-        ]);
-        if (overwrite === false) {
-            process.exit(0);
-        }
-    }
     await (0, cache_1.flushCaches)();
     const database = (0, database_1.default)();
-    const snapshot = await (0, get_snapshot_1.getSnapshot)({ database });
     try {
+        const snapshot = await (0, get_snapshot_1.getSnapshot)({ database });
+        let snapshotString;
         if ((options === null || options === void 0 ? void 0 : options.format) === 'yaml') {
-            await fs_1.promises.writeFile(filename, (0, js_yaml_1.dump)(snapshot));
+            snapshotString = (0, js_yaml_1.dump)(snapshot);
+        }
+        else {
+            snapshotString = JSON.stringify(snapshot);
+        }
+        if (snapshotPath) {
+            const filename = path_1.default.resolve(process.cwd(), snapshotPath);
+            let snapshotExists;
+            try {
+                await fs_1.promises.access(filename, fs_1.constants.F_OK);
+                snapshotExists = true;
+            }
+            catch {
+                snapshotExists = false;
+            }
+            if (snapshotExists && (options === null || options === void 0 ? void 0 : options.yes) === false) {
+                const { overwrite } = await inquirer_1.default.prompt([
+                    {
+                        type: 'confirm',
+                        name: 'overwrite',
+                        message: 'Snapshot already exists. Do you want to overwrite the file?',
+                    },
+                ]);
+                if (overwrite === false) {
+                    database.destroy();
+                    process.exit(0);
+                }
+            }
+            await fs_1.promises.writeFile(filename, snapshotString);
+            logger_1.default.info(`Snapshot saved to ${filename}`);
         }
         else {
-            await fs_1.promises.writeFile(filename, JSON.stringify(snapshot));
+            process.stdout.write(snapshotString);
         }
-        logger_1.default.info(`Snapshot saved to ${filename}`);
         database.destroy();
         process.exit(0);
     }

package/dist/cli/index.js

@@ -75,7 +75,7 @@ async function createCli() {
         .description('Create a new Schema Snapshot')
         .option('-y, --yes', `Assume "yes" as answer to all prompts and run non-interactively`, false)
         .addOption(new commander_1.Option('--format <format>', 'JSON or YAML format').choices(['json', 'yaml']).default('yaml'))
-        .argument('<path>', 'Path to snapshot file')
+        .argument('[path]', 'Path to snapshot file')
         .action(snapshot_1.snapshot);
     schemaCommands
         .command('apply')

package/dist/cli/utils/create-env/env-stub.liquid

@@ -1,12 +1,12 @@
 ####################################################################################################
-# 
+#
 # These values set environment variables which modify core settings of Directus.
 #
 # Values in square brackets are the default values.
 #
-# The following options are not all possible options. For more, see 
-# https://docs.directus.io/configuration/config-options/
-# 
+# The following options are not all possible options. For more, see
+# https://docs.directus.io/self-hosted/config-options/
+#
 ####################################################################################################
 ####################################################################################################
 
@@ -18,7 +18,7 @@ HOST="0.0.0.0"
 # The port Directus will run on [8055]
 PORT=8055
 
-# The URL where your API can be reached on the web. It is also used for things like OAuth redirects, 
+# The URL where your API can be reached on the web. It is also used for things like OAuth redirects,
 # forgot-password emails, and logos that needs to be publicly available on the internet. ["/"]
 PUBLIC_URL="/"
 # PUBLIC_URL="http://localhost:8055"
@@ -46,8 +46,8 @@ PUBLIC_URL="/"
 ####################################################################################################
 ### Database
 
-# All DB_* environment variables are passed to the connection configuration of a Knex instance. 
-# Based on your project's needs, you can extend the DB_* environment variables with any config 
+# All DB_* environment variables are passed to the connection configuration of a Knex instance.
+# Based on your project's needs, you can extend the DB_* environment variables with any config
 # you need to pass to the database instance.
 
 {{ database }}
@@ -177,7 +177,7 @@ STORAGE_LOCAL_ROOT="./uploads"
 # STORAGE_GOOGLE_BUCKET="my-files"
 
 
-## A comma-separated list of metadata keys to collect during file upload. Use * for all 
+## A comma-separated list of metadata keys to collect during file upload. Use * for all
 # Extracting all metadata might cause memory issues when the file has an unusually large set of metadata
 # [ifd0.Make,ifd0.Model,exif.FNumber,exif.ExposureTime,exif.FocalLength,exif.ISO]
 # FILE_METADATA_ALLOW_LIST=
@@ -190,7 +190,7 @@ STORAGE_LOCAL_ROOT="./uploads"
 # Unique identifier for the project
 # KEY="xxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx"
 
-# Secret string for the project 
+# Secret string for the project
 # SECRET="abcdef"
 
 # The duration that the access token is valid ["15m"]
@@ -250,7 +250,7 @@ CORS_MAX_AGE=18000
 # The variant of the hash function (0: argon2d, 1: argon2i, or 2: argon2id) [1]
 # HASH_TYPE=2
 
-An extra and optional non-secret value. The value will be included B64 encoded in the parameters portion of the digest []
+# An extra and optional non-secret value. The value will be included B64 encoded in the parameters portion of the digest []
 # HASH_ASSOCIATED_DATA=foo
 
 ####################################################################################################
@@ -287,7 +287,7 @@ EXTENSIONS_AUTO_RELOAD=false
 # Email address from which emails are sent ["no-reply@directus.io"]
 EMAIL_FROM="no-reply@directus.io"
 
-# What to use to send emails. One of 
+# What to use to send emails. One of
 # sendmail, smtp, mailgun, ses.
 EMAIL_TRANSPORT="sendmail"
 EMAIL_SENDMAIL_NEW_LINE="unix"

package/dist/controllers/assets.js

@@ -3,6 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+const utils_1 = require("@directus/shared/utils");
 const express_1 = require("express");
 const helmet_1 = __importDefault(require("helmet"));
 const lodash_1 = require("lodash");
@@ -16,10 +17,9 @@ const services_1 = require("../services");
 const assets_1 = require("../types/assets");
 const async_handler_1 = __importDefault(require("../utils/async-handler"));
 const get_config_from_env_1 = require("../utils/get-config-from-env");
-const parse_json_1 = require("../utils/parse-json");
 const router = (0, express_1.Router)();
 router.use((0, use_collection_1.default)('directus_files'));
-router.get('/:pk', 
+router.get('/:pk/:filename?', 
 // Validate query params
 (0, async_handler_1.default)(async (req, res, next) => {
     const payloadService = new services_1.PayloadService('directus_settings', { schema: req.schema });
@@ -41,7 +41,7 @@ router.get('/:pk',
         let transforms;
         // Try parse the JSON array
         try {
-            transforms = (0, parse_json_1.parseJSON)(transformation['transforms']);
+            transforms = (0, utils_1.parseJSON)(transformation['transforms']);
         }
         catch {
             throw new exceptions_1.InvalidQueryException(`"transforms" Parameter needs to be a JSON array of allowed transformations.`);
@@ -99,7 +99,7 @@ router.get('/:pk',
 }, (0, get_config_from_env_1.getConfigFromEnv)('ASSETS_CONTENT_SECURITY_POLICY'))), 
 // Return file
 (0, async_handler_1.default)(async (req, res) => {
-    var _a, _b;
+    var _a, _b, _c;
     const id = (_a = req.params.pk) === null || _a === void 0 ? void 0 : _a.substring(0, 36);
     const service = new services_1.AssetsService({
         accountability: req.accountability,
@@ -121,7 +121,7 @@ router.get('/:pk',
     }
     const { stream, file, stat } = await service.getAsset(id, transformation, range);
     const access = ((_b = req.accountability) === null || _b === void 0 ? void 0 : _b.role) ? 'private' : 'public';
-    res.attachment(file.filename_download);
+    res.attachment((_c = req.params.filename) !== null && _c !== void 0 ? _c : file.filename_download);
     res.setHeader('Content-Type', file.type);
     res.setHeader('Accept-Ranges', 'bytes');
     res.setHeader('Cache-Control', `${access}, max-age=${(0, ms_1.default)(env_1.default.ASSETS_CACHE_TTL) / 1000}`);

package/dist/controllers/dashboards.js

@@ -75,7 +75,10 @@ router.patch('/', (0, validate_batch_1.validateBatch)('update'), (0, async_handl
         schema: req.schema,
     });
     let keys = [];
-    if (req.body.keys) {
+    if (Array.isArray(req.body)) {
+        keys = await service.updateBatch(req.body);
+    }
+    else if (req.body.keys) {
         keys = await service.updateMany(req.body.keys, req.body.data);
     }
     else {