directus 9.15.0 → 9.16.1

package/dist/operations/exec/index.test.js

@@ -0,0 +1,95 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const vm2_1 = require("vm2");
+const index_1 = __importDefault(require("./index"));
+test('Rejects when modules are used without modules being allowed', async () => {
+    const testCode = `
+		const test = require('test');
+	`;
+    await expect(index_1.default.handler({ code: testCode }, {
+        data: {},
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: '',
+        },
+    })).rejects.toEqual(new vm2_1.VMError("Cannot find module 'test'"));
+});
+test('Rejects when code contains syntax errors', async () => {
+    const testCode = `
+		~~
+	`;
+    await expect(index_1.default.handler({ code: testCode }, {
+        data: {},
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: '',
+        },
+    })).rejects.toEqual(new Error("Couldn't compile code: Unexpected end of input"));
+});
+test('Rejects when returned function does something illegal', async () => {
+    const testCode = `
+		module.exports = function() {
+			return a + b;
+		};
+	`;
+    await expect(index_1.default.handler({ code: testCode }, {
+        data: {},
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: '',
+        },
+    })).rejects.toEqual(new ReferenceError('a is not defined'));
+});
+test("Rejects when code doesn't return valid function", async () => {
+    const testCode = `
+		module.exports = false;
+	`;
+    await expect(index_1.default.handler({ code: testCode }, {
+        data: {},
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: '',
+        },
+    })).rejects.toEqual(new TypeError('fn is not a function'));
+});
+test('Rejects returned function throws errors', async () => {
+    const testCode = `
+		module.exports = function () {
+			throw new Error('test');
+		};
+	`;
+    await expect(index_1.default.handler({ code: testCode }, {
+        data: {},
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: '',
+        },
+    })).rejects.toEqual(new Error('test'));
+});
+test('Executes function when valid', () => {
+    const testCode = `
+		module.exports = function (data) {
+			return { result: data.input + ' test' };
+		};
+	`;
+    expect(index_1.default.handler({ code: testCode }, {
+        data: {
+            input: 'start',
+        },
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: '',
+        },
+    })).resolves.toEqual({ result: 'start test' });
+});
+test('Allows modules that are whitelisted', () => {
+    const testCode = `
+		const bytes = require('bytes');
+
+		module.exports = function (data) {
+			return { result: bytes(1000) };
+		};
+	`;
+    expect(index_1.default.handler({ code: testCode }, {
+        env: {
+            FLOWS_EXEC_ALLOWED_MODULES: 'bytes',
+        },
+    })).resolves.toEqual({ result: '1000B' });
+});

package/dist/operations/notification/index.js

@@ -6,7 +6,6 @@ const get_accountability_for_role_1 = require("../../utils/get-accountability-fo
 exports.default = (0, utils_1.defineOperationApi)({
     id: 'notification',
     handler: async ({ recipient, subject, message, permissions }, { accountability, database, getSchema }) => {
-        var _a;
         const schema = await getSchema({ database });
         let customAccountability;
         if (!permissions || permissions === '$trigger') {
@@ -27,12 +26,16 @@ exports.default = (0, utils_1.defineOperationApi)({
             knex: database,
         });
         const messageString = message ? (0, utils_1.optionToString)(message) : null;
-        const result = await notificationsService.createOne({
-            recipient,
-            sender: (_a = customAccountability === null || customAccountability === void 0 ? void 0 : customAccountability.user) !== null && _a !== void 0 ? _a : null,
-            subject,
-            message: messageString,
+        const payload = (0, utils_1.toArray)(recipient).map((userId) => {
+            var _a;
+            return {
+                recipient: userId,
+                sender: (_a = customAccountability === null || customAccountability === void 0 ? void 0 : customAccountability.user) !== null && _a !== void 0 ? _a : null,
+                subject,
+                message: messageString,
+            };
         });
+        const result = await notificationsService.createMany(payload);
         return result;
     },
 });

package/dist/operations/request/index.js

@@ -8,11 +8,30 @@ const axios_1 = __importDefault(require("axios"));
 exports.default = (0, utils_1.defineOperationApi)({
     id: 'request',
     handler: async ({ url, method, body, headers }) => {
-        const customHeaders = headers === null || headers === void 0 ? void 0 : headers.reduce((acc, { header, value }) => {
+        var _a;
+        const customHeaders = (_a = headers === null || headers === void 0 ? void 0 : headers.reduce((acc, { header, value }) => {
             acc[header] = value;
             return acc;
-        }, {});
-        const result = await (0, axios_1.default)({ url: encodeURI(url), method, data: body, headers: customHeaders });
+        }, {})) !== null && _a !== void 0 ? _a : {};
+        if (!customHeaders['Content-Type'] && isValidJSON(body)) {
+            customHeaders['Content-Type'] = 'application/json';
+        }
+        const shouldEncode = decodeURI(url) === url;
+        const result = await (0, axios_1.default)({
+            url: shouldEncode ? encodeURI(url) : url,
+            method,
+            data: body,
+            headers: customHeaders,
+        });
         return { status: result.status, statusText: result.statusText, headers: result.headers, data: result.data };
+        function isValidJSON(value) {
+            try {
+                (0, utils_1.parseJSON)(value);
+                return true;
+            }
+            catch {
+                return false;
+            }
+        }
     },
 });

package/dist/services/files.js

@@ -229,7 +229,8 @@ class FilesService extends items_1.ItemsService {
         }
         let fileResponse;
         try {
-            fileResponse = await axios_1.default.get(importURL, {
+            const shouldEncode = decodeURI(importURL) === importURL;
+            fileResponse = await axios_1.default.get(shouldEncode ? encodeURI(importURL) : importURL, {
                 responseType: 'stream',
             });
         }
@@ -240,7 +241,7 @@ class FilesService extends items_1.ItemsService {
             });
         }
         const parsedURL = url_1.default.parse(fileResponse.request.res.responseUrl);
-        const filename = path_1.default.basename(parsedURL.pathname);
+        const filename = decodeURI(path_1.default.basename(parsedURL.pathname));
         const payload = {
             filename_download: filename,
             storage: (0, utils_1.toArray)(env_1.default.STORAGE_LOCATIONS)[0],

package/dist/services/files.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/services/files.test.js

@@ -0,0 +1,53 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const exifr_1 = __importDefault(require("exifr"));
+const knex_1 = __importDefault(require("knex"));
+const knex_mock_client_1 = require("knex-mock-client");
+const _1 = require(".");
+jest.mock('exifr');
+jest.mock('../../src/database/index', () => {
+    return { getDatabaseClient: jest.fn().mockReturnValue('postgres') };
+});
+jest.requireMock('../../src/database/index');
+describe('Integration Tests', () => {
+    let db;
+    let tracker;
+    beforeAll(async () => {
+        db = (0, knex_1.default)({ client: knex_mock_client_1.MockClient });
+        tracker = (0, knex_mock_client_1.getTracker)();
+    });
+    afterEach(() => {
+        tracker.reset();
+    });
+    describe('Services / Files', () => {
+        describe('getMetadata', () => {
+            let service;
+            let exifrParseSpy;
+            const sampleMetadata = {
+                CustomTagA: 'value a',
+                CustomTagB: 'value b',
+                CustomTagC: 'value c',
+            };
+            beforeEach(() => {
+                exifrParseSpy = jest.spyOn(exifr_1.default, 'parse');
+                service = new _1.FilesService({
+                    knex: db,
+                    schema: { collections: {}, relations: [] },
+                });
+            });
+            it('accepts allowlist metadata tags', async () => {
+                exifrParseSpy.mockReturnValue(Promise.resolve({ ...sampleMetadata }));
+                const bufferContent = 'file buffer content';
+                const allowList = ['CustomTagB', 'CustomTagA'];
+                const metadata = await service.getMetadata(bufferContent, allowList);
+                expect(exifrParseSpy).toHaveBeenCalled();
+                expect(metadata.metadata.CustomTagA).toStrictEqual(sampleMetadata.CustomTagA);
+                expect(metadata.metadata.CustomTagB).toStrictEqual(sampleMetadata.CustomTagB);
+                expect(metadata.metadata.CustomTagC).toBeUndefined();
+            });
+        });
+    });
+});

package/dist/services/flows.js

@@ -39,12 +39,16 @@ class FlowsService extends items_1.ItemsService {
     }
     async deleteOne(key, opts) {
         const flowManager = (0, flows_1.getFlowManager)();
+        // this is to prevent foreign key constraint error on directus_operations resolve/reject during cascade deletion
+        await this.knex('directus_operations').update({ resolve: null, reject: null }).where('flow', key);
         const result = await super.deleteOne(key, opts);
         await flowManager.reload();
         return result;
     }
     async deleteMany(keys, opts) {
         const flowManager = (0, flows_1.getFlowManager)();
+        // this is to prevent foreign key constraint error on directus_operations resolve/reject during cascade deletion
+        await this.knex('directus_operations').update({ resolve: null, reject: null }).whereIn('flow', keys);
         const result = await super.deleteMany(keys, opts);
         await flowManager.reload();
         return result;

package/dist/services/graphql/index.d.ts

@@ -1,6 +1,6 @@
 import { BaseException } from '@directus/shared/exceptions';
 import { Accountability, Query, SchemaOverview } from '@directus/shared/types';
-import { ArgumentNode, FormattedExecutionResult, FragmentDefinitionNode, GraphQLError, GraphQLResolveInfo, GraphQLSchema, ObjectFieldNode, SelectionNode } from 'graphql';
+import { ArgumentNode, FormattedExecutionResult, FragmentDefinitionNode, GraphQLError, GraphQLResolveInfo, GraphQLSchema, SelectionNode } from 'graphql';
 import { ObjectTypeComposer, SchemaComposer } from 'graphql-compose';
 import { Knex } from 'knex';
 import { AbstractServiceOptions, GraphQLParams, Item } from '../../types';
@@ -44,7 +44,7 @@ export declare class GraphQLService {
      * In order to do that, we'll parse over all ArgumentNodes and ObjectFieldNodes to manually recreate an object structure
      * of arguments
      */
-    parseArgs(args: readonly ArgumentNode[] | readonly ObjectFieldNode[], variableValues: GraphQLResolveInfo['variableValues']): Record<string, any>;
+    parseArgs(args: readonly ArgumentNode[], variableValues: GraphQLResolveInfo['variableValues']): Record<string, any>;
     /**
      * Get a Directus Query object from the parsed arguments (rawQuery) and GraphQL AST selectionSet. Converts SelectionSet into
      * Directus' `fields` query for use in the resolver. Also applies variables where appropriate.

package/dist/services/graphql/index.js

@@ -274,7 +274,7 @@ class GraphQLService {
                 CollectionTypes[collection.collection] = schemaComposer.createObjectTC({
                     name: action === 'read' ? collection.collection : `${action}_${collection.collection}`,
                     fields: Object.values(collection.fields).reduce((acc, field) => {
-                        let type = (0, get_graphql_type_1.getGraphQLType)(field.type);
+                        let type = (0, get_graphql_type_1.getGraphQLType)(field.type, field.special);
                         // GraphQL doesn't differentiate between not-null and has-to-be-submitted. We
                         // can't non-null in update, as that would require every not-nullable field to be
                         // submitted on updates
@@ -639,7 +639,7 @@ class GraphQLService {
                 ReadableCollectionFilterTypes[collection.collection] = schemaComposer.createInputTC({
                     name: `${collection.collection}_filter`,
                     fields: Object.values(collection.fields).reduce((acc, field) => {
-                        const graphqlType = (0, get_graphql_type_1.getGraphQLType)(field.type);
+                        const graphqlType = (0, get_graphql_type_1.getGraphQLType)(field.type, field.special);
                         let filterOperatorType;
                         switch (graphqlType) {
                             case graphql_1.GraphQLBoolean:
@@ -692,7 +692,7 @@ class GraphQLService {
                 AggregatedFields[collection.collection] = schemaComposer.createObjectTC({
                     name: `${collection.collection}_aggregated_fields`,
                     fields: Object.values(collection.fields).reduce((acc, field) => {
-                        const graphqlType = (0, get_graphql_type_1.getGraphQLType)(field.type);
+                        const graphqlType = (0, get_graphql_type_1.getGraphQLType)(field.type, field.special);
                         switch (graphqlType) {
                             case graphql_1.GraphQLInt:
                             case graphql_1.GraphQLFloat:
@@ -736,7 +736,7 @@ class GraphQLService {
                     },
                 };
                 const hasNumericAggregates = Object.values(collection.fields).some((field) => {
-                    const graphqlType = (0, get_graphql_type_1.getGraphQLType)(field.type);
+                    const graphqlType = (0, get_graphql_type_1.getGraphQLType)(field.type, field.special);
                     if (graphqlType === graphql_1.GraphQLInt || graphqlType === graphql_1.GraphQLFloat) {
                         return true;
                     }
@@ -1207,38 +1207,29 @@ class GraphQLService {
     parseArgs(args, variableValues) {
         if (!args || args.length === 0)
             return {};
-        const parseObjectValue = (arg) => {
-            return this.parseArgs(arg.fields, variableValues);
-        };
-        const argsObject = {};
-        for (const argument of args) {
-            if (argument.value.kind === 'ObjectValue') {
-                argsObject[argument.name.value] = parseObjectValue(argument.value);
-            }
-            else if (argument.value.kind === 'Variable') {
-                argsObject[argument.name.value] = variableValues[argument.value.name.value];
+        const parse = (node) => {
+            switch (node.kind) {
+                case 'Variable':
+                    return variableValues[node.name.value];
+                case 'ListValue':
+                    return node.values.map(parse);
+                case 'ObjectValue':
+                    return Object.fromEntries(node.fields.map((node) => [node.name.value, parse(node.value)]));
+                case 'NullValue':
+                    return null;
+                case 'StringValue':
+                    return String(node.value);
+                case 'IntValue':
+                case 'FloatValue':
+                    return Number(node.value);
+                case 'BooleanValue':
+                    return Boolean(node.value);
+                case 'EnumValue':
+                default:
+                    return node.value;
             }
-            else if (argument.value.kind === 'ListValue') {
-                const values = [];
-                for (const valueNode of argument.value.values) {
-                    if (valueNode.kind === 'ObjectValue') {
-                        values.push(this.parseArgs(valueNode.fields, variableValues));
-                    }
-                    else {
-                        if (valueNode.kind === 'Variable') {
-                            values.push(variableValues[valueNode.name.value]);
-                        }
-                        else {
-                            values.push(valueNode.value);
-                        }
-                    }
-                }
-                argsObject[argument.name.value] = values;
-            }
-            else {
-                argsObject[argument.name.value] = argument.value.value;
-            }
-        }
+        };
+        const argsObject = Object.fromEntries(args.map((arg) => [arg.name.value, parse(arg.value)]));
         return argsObject;
     }
     /**
@@ -1902,7 +1893,9 @@ class GraphQLService {
                     name: 'directus_collections_meta',
                     fields: Object.values(schema.read.collections['directus_collections'].fields).reduce((acc, field) => {
                         acc[field.field] = {
-                            type: field.nullable ? (0, get_graphql_type_1.getGraphQLType)(field.type) : (0, graphql_1.GraphQLNonNull)((0, get_graphql_type_1.getGraphQLType)(field.type)),
+                            type: field.nullable
+                                ? (0, get_graphql_type_1.getGraphQLType)(field.type, field.special)
+                                : (0, graphql_1.GraphQLNonNull)((0, get_graphql_type_1.getGraphQLType)(field.type, field.special)),
                             description: field.note,
                         };
                         return acc;
@@ -1951,7 +1944,9 @@ class GraphQLService {
                     name: 'directus_fields_meta',
                     fields: Object.values(schema.read.collections['directus_fields'].fields).reduce((acc, field) => {
                         acc[field.field] = {
-                            type: field.nullable ? (0, get_graphql_type_1.getGraphQLType)(field.type) : (0, graphql_1.GraphQLNonNull)((0, get_graphql_type_1.getGraphQLType)(field.type)),
+                            type: field.nullable
+                                ? (0, get_graphql_type_1.getGraphQLType)(field.type, field.special)
+                                : (0, graphql_1.GraphQLNonNull)((0, get_graphql_type_1.getGraphQLType)(field.type, field.special)),
                             description: field.note,
                         };
                         return acc;
@@ -2038,7 +2033,7 @@ class GraphQLService {
                     name: 'directus_relations_meta',
                     fields: Object.values(schema.read.collections['directus_relations'].fields).reduce((acc, field) => {
                         acc[field.field] = {
-                            type: (0, get_graphql_type_1.getGraphQLType)(field.type),
+                            type: (0, get_graphql_type_1.getGraphQLType)(field.type, field.special),
                             description: field.note,
                         };
                         return acc;

package/dist/services/items.js

@@ -52,6 +52,7 @@ class ItemsService {
             .filter((field) => field.alias === true)
             .map((field) => field.field);
         const payload = (0, lodash_1.cloneDeep)(data);
+        const nestedActionEvents = [];
         // By wrapping the logic in a transaction, we make sure we automatically roll back all the
         // changes in the DB if any of the parts contained within throws an error. This also means
         // that any errors thrown in any nested relational changes will bubble up and cancel the whole
@@ -84,8 +85,8 @@ class ItemsService {
             const payloadWithPresets = this.accountability
                 ? await authorizationService.validatePayload('create', this.collection, payloadAfterHooks)
                 : payloadAfterHooks;
-            const { payload: payloadWithM2O, revisions: revisionsM2O } = await payloadService.processM2O(payloadWithPresets);
-            const { payload: payloadWithA2O, revisions: revisionsA2O } = await payloadService.processA2O(payloadWithM2O);
+            const { payload: payloadWithM2O, revisions: revisionsM2O, nestedActionEvents: nestedActionEventsM2O, } = await payloadService.processM2O(payloadWithPresets, opts);
+            const { payload: payloadWithA2O, revisions: revisionsA2O, nestedActionEvents: nestedActionEventsA2O, } = await payloadService.processA2O(payloadWithM2O, opts);
             const payloadWithoutAliases = (0, lodash_1.pick)(payloadWithA2O, (0, lodash_1.without)(fields, ...aliases));
             const payloadWithTypeCasting = await payloadService.processValues('create', payloadWithoutAliases);
             // In case of manual string / UUID primary keys, the PK already exists in the object we're saving.
@@ -113,7 +114,10 @@ class ItemsService {
                 // to read from it
                 payload[primaryKeyField] = primaryKey;
             }
-            const { revisions: revisionsO2M } = await payloadService.processO2M(payload, primaryKey);
+            const { revisions: revisionsO2M, nestedActionEvents: nestedActionEventsO2M } = await payloadService.processO2M(payload, primaryKey, opts);
+            nestedActionEvents.push(...nestedActionEventsM2O);
+            nestedActionEvents.push(...nestedActionEventsA2O);
+            nestedActionEvents.push(...nestedActionEventsO2M);
             // If this is an authenticated action, and accountability tracking is enabled, save activity row
             if (this.accountability && this.schema.collections[this.collection].accountability !== null) {
                 const activityService = new index_1.ActivityService({
@@ -154,17 +158,30 @@ class ItemsService {
             return primaryKey;
         });
         if ((opts === null || opts === void 0 ? void 0 : opts.emitEvents) !== false) {
-            emitter_1.default.emitAction(this.eventScope === 'items' ? ['items.create', `${this.collection}.items.create`] : `${this.eventScope}.create`, {
-                payload,
-                key: primaryKey,
-                collection: this.collection,
-            }, {
-                // This hook is called async. If we would pass the transaction here, the hook can be
-                // called after the transaction is done #5460
-                database: this.knex || (0, database_1.default)(),
-                schema: this.schema,
-                accountability: this.accountability,
-            });
+            const actionEvent = {
+                event: this.eventScope === 'items'
+                    ? ['items.create', `${this.collection}.items.create`]
+                    : `${this.eventScope}.create`,
+                meta: {
+                    payload,
+                    key: primaryKey,
+                    collection: this.collection,
+                },
+                context: {
+                    database: (0, database_1.default)(),
+                    schema: this.schema,
+                    accountability: this.accountability,
+                },
+            };
+            if (!(opts === null || opts === void 0 ? void 0 : opts.bypassEmitAction)) {
+                emitter_1.default.emitAction(actionEvent.event, actionEvent.meta, actionEvent.context);
+            }
+            else {
+                opts.bypassEmitAction(actionEvent);
+            }
+            for (const nestedActionEvent of nestedActionEvents) {
+                emitter_1.default.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
+            }
         }
         if (this.cache && env_1.default.CACHE_AUTO_PURGE && (opts === null || opts === void 0 ? void 0 : opts.autoPurgeCache) !== false) {
             await this.cache.clear();
@@ -323,6 +340,7 @@ class ItemsService {
             .filter((field) => field.alias === true)
             .map((field) => field.field);
         const payload = (0, lodash_1.cloneDeep)(data);
+        const nestedActionEvents = [];
         const authorizationService = new authorization_1.AuthorizationService({
             accountability: this.accountability,
             knex: this.knex,
@@ -356,8 +374,8 @@ class ItemsService {
                 knex: trx,
                 schema: this.schema,
             });
-            const { payload: payloadWithM2O, revisions: revisionsM2O } = await payloadService.processM2O(payloadWithPresets);
-            const { payload: payloadWithA2O, revisions: revisionsA2O } = await payloadService.processA2O(payloadWithM2O);
+            const { payload: payloadWithM2O, revisions: revisionsM2O, nestedActionEvents: nestedActionEventsM2O, } = await payloadService.processM2O(payloadWithPresets, opts);
+            const { payload: payloadWithA2O, revisions: revisionsA2O, nestedActionEvents: nestedActionEventsA2O, } = await payloadService.processA2O(payloadWithM2O, opts);
             const payloadWithoutAliasAndPK = (0, lodash_1.pick)(payloadWithA2O, (0, lodash_1.without)(fields, primaryKeyField, ...aliases));
             const payloadWithTypeCasting = await payloadService.processValues('update', payloadWithoutAliasAndPK);
             if (Object.keys(payloadWithTypeCasting).length > 0) {
@@ -369,9 +387,12 @@ class ItemsService {
                 }
             }
             const childrenRevisions = [...revisionsM2O, ...revisionsA2O];
+            nestedActionEvents.push(...nestedActionEventsM2O);
+            nestedActionEvents.push(...nestedActionEventsA2O);
             for (const key of keys) {
-                const { revisions } = await payloadService.processO2M(payload, key);
+                const { revisions, nestedActionEvents: nestedActionEventsO2M } = await payloadService.processO2M(payload, key, opts);
                 childrenRevisions.push(...revisions);
+                nestedActionEvents.push(...nestedActionEventsO2M);
             }
             // If this is an authenticated action, and accountability tracking is enabled, save activity row
             if (this.accountability && this.schema.collections[this.collection].accountability !== null) {
@@ -427,17 +448,30 @@ class ItemsService {
             await this.cache.clear();
         }
         if ((opts === null || opts === void 0 ? void 0 : opts.emitEvents) !== false) {
-            emitter_1.default.emitAction(this.eventScope === 'items' ? ['items.update', `${this.collection}.items.update`] : `${this.eventScope}.update`, {
-                payload,
-                keys,
-                collection: this.collection,
-            }, {
-                // This hook is called async. If we would pass the transaction here, the hook can be
-                // called after the transaction is done #5460
-                database: this.knex || (0, database_1.default)(),
-                schema: this.schema,
-                accountability: this.accountability,
-            });
+            const actionEvent = {
+                event: this.eventScope === 'items'
+                    ? ['items.update', `${this.collection}.items.update`]
+                    : `${this.eventScope}.update`,
+                meta: {
+                    payload,
+                    keys,
+                    collection: this.collection,
+                },
+                context: {
+                    database: (0, database_1.default)(),
+                    schema: this.schema,
+                    accountability: this.accountability,
+                },
+            };
+            if (!(opts === null || opts === void 0 ? void 0 : opts.bypassEmitAction)) {
+                emitter_1.default.emitAction(actionEvent.event, actionEvent.meta, actionEvent.context);
+            }
+            else {
+                opts.bypassEmitAction(actionEvent);
+            }
+            for (const nestedActionEvent of nestedActionEvents) {
+                emitter_1.default.emitAction(nestedActionEvent.event, nestedActionEvent.meta, nestedActionEvent.context);
+            }
         }
         return keys;
     }
@@ -547,17 +581,27 @@ class ItemsService {
             await this.cache.clear();
         }
         if ((opts === null || opts === void 0 ? void 0 : opts.emitEvents) !== false) {
-            emitter_1.default.emitAction(this.eventScope === 'items' ? ['items.delete', `${this.collection}.items.delete`] : `${this.eventScope}.delete`, {
-                payload: keys,
-                keys: keys,
-                collection: this.collection,
-            }, {
-                // This hook is called async. If we would pass the transaction here, the hook can be
-                // called after the transaction is done #5460
-                database: this.knex || (0, database_1.default)(),
-                schema: this.schema,
-                accountability: this.accountability,
-            });
+            const actionEvent = {
+                event: this.eventScope === 'items'
+                    ? ['items.delete', `${this.collection}.items.delete`]
+                    : `${this.eventScope}.delete`,
+                meta: {
+                    payload: keys,
+                    keys: keys,
+                    collection: this.collection,
+                },
+                context: {
+                    database: (0, database_1.default)(),
+                    schema: this.schema,
+                    accountability: this.accountability,
+                },
+            };
+            if (!(opts === null || opts === void 0 ? void 0 : opts.bypassEmitAction)) {
+                emitter_1.default.emitAction(actionEvent.event, actionEvent.meta, actionEvent.context);
+            }
+            else {
+                opts.bypassEmitAction(actionEvent);
+            }
         }
         return keys;
     }

package/dist/services/items.test.d.ts

@@ -0,0 +1 @@
+export {};