directus 9.2.0 → 9.4.0

package/dist/cli/commands/init/index.js

@@ -15,6 +15,7 @@ const create_env_1 = __importDefault(require("../../utils/create-env"));
 const drivers_1 = require("../../utils/drivers");
 const questions_1 = require("./questions");
 const generate_hash_1 = require("../../../utils/generate-hash");
+const defaults_1 = require("../../utils/defaults");
 async function init() {
     const rootPath = process.cwd();
     const { client } = await inquirer_1.default.prompt([
@@ -79,19 +80,14 @@ async function init() {
     const roleID = (0, uuid_1.v4)();
     await db('directus_roles').insert({
         id: roleID,
-        name: 'Administrator',
-        icon: 'verified',
-        admin_access: true,
-        description: 'Initial administrative role with unrestricted App/API access',
+        ...defaults_1.defaultAdminRole,
     });
     await db('directus_users').insert({
         id: userID,
-        status: 'active',
         email: firstUser.email,
         password: firstUser.password,
-        first_name: 'Admin',
-        last_name: 'User',
         role: roleID,
+        ...defaults_1.defaultAdminUser,
     });
     await db.destroy();
     process.stdout.write(`\nYour project has been created at ${chalk_1.default.green(rootPath)}.\n`);

package/dist/cli/commands/schema/apply.js

@@ -135,7 +135,7 @@ async function apply(snapshotPath, options) {
                     else {
                         continue;
                     }
-                    // Related collection doesn't exist for m2a relationship types
+                    // Related collection doesn't exist for a2o relationship types
                     if (related_collection) {
                         message += `-> ${related_collection}`;
                     }

package/dist/cli/utils/defaults.d.ts

@@ -0,0 +1,11 @@
+export declare const defaultAdminRole: {
+    name: string;
+    icon: string;
+    admin_access: boolean;
+    description: string;
+};
+export declare const defaultAdminUser: {
+    status: string;
+    first_name: string;
+    last_name: string;
+};

package/dist/cli/utils/defaults.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultAdminUser = exports.defaultAdminRole = void 0;
+exports.defaultAdminRole = {
+    name: 'Administrator',
+    icon: 'verified',
+    admin_access: true,
+    description: '$t:admin_description',
+};
+exports.defaultAdminUser = {
+    status: 'active',
+    first_name: 'Admin',
+    last_name: 'User',
+};

package/dist/constants.d.ts

@@ -5,3 +5,11 @@ export declare const FILTER_VARIABLES: string[];
 export declare const ALIAS_TYPES: string[];
 export declare const DEFAULT_AUTH_PROVIDER = "default";
 export declare const COLUMN_TRANSFORMS: string[];
+export declare const UUID_REGEX = "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}";
+export declare const COOKIE_OPTIONS: {
+    httpOnly: boolean;
+    domain: any;
+    maxAge: number;
+    secure: any;
+    sameSite: "lax" | "strict" | "none";
+};

package/dist/constants.js

@@ -1,6 +1,12 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var _a;
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.COLUMN_TRANSFORMS = exports.DEFAULT_AUTH_PROVIDER = exports.ALIAS_TYPES = exports.FILTER_VARIABLES = exports.ASSET_TRANSFORM_QUERY_KEYS = exports.SYSTEM_ASSET_ALLOW_LIST = void 0;
+exports.COOKIE_OPTIONS = exports.UUID_REGEX = exports.COLUMN_TRANSFORMS = exports.DEFAULT_AUTH_PROVIDER = exports.ALIAS_TYPES = exports.FILTER_VARIABLES = exports.ASSET_TRANSFORM_QUERY_KEYS = exports.SYSTEM_ASSET_ALLOW_LIST = void 0;
+const env_1 = __importDefault(require("./env"));
+const ms_1 = __importDefault(require("ms"));
 exports.SYSTEM_ASSET_ALLOW_LIST = [
     {
         key: 'system-small-cover',
@@ -38,6 +44,14 @@ exports.ASSET_TRANSFORM_QUERY_KEYS = [
     'withoutEnlargement',
 ];
 exports.FILTER_VARIABLES = ['$NOW', '$CURRENT_USER', '$CURRENT_ROLE'];
-exports.ALIAS_TYPES = ['alias', 'o2m', 'm2m', 'm2a', 'files', 'translations'];
+exports.ALIAS_TYPES = ['alias', 'o2m', 'm2m', 'm2a', 'o2a', 'files', 'translations'];
 exports.DEFAULT_AUTH_PROVIDER = 'default';
 exports.COLUMN_TRANSFORMS = ['year', 'month', 'day', 'weekday', 'hour', 'minute', 'second'];
+exports.UUID_REGEX = '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}';
+exports.COOKIE_OPTIONS = {
+    httpOnly: true,
+    domain: env_1.default.REFRESH_TOKEN_COOKIE_DOMAIN,
+    maxAge: (0, ms_1.default)(env_1.default.REFRESH_TOKEN_TTL),
+    secure: (_a = env_1.default.REFRESH_TOKEN_COOKIE_SECURE) !== null && _a !== void 0 ? _a : false,
+    sameSite: env_1.default.REFRESH_TOKEN_COOKIE_SAME_SITE || 'strict',
+};

package/dist/controllers/shares.d.ts

@@ -0,0 +1,2 @@
+declare const router: import("express-serve-static-core").Router;
+export default router;

package/dist/controllers/shares.js

@@ -0,0 +1,212 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const express_1 = __importDefault(require("express"));
+const exceptions_1 = require("../exceptions");
+const respond_1 = require("../middleware/respond");
+const use_collection_1 = __importDefault(require("../middleware/use-collection"));
+const validate_batch_1 = require("../middleware/validate-batch");
+const services_1 = require("../services");
+const async_handler_1 = __importDefault(require("../utils/async-handler"));
+const constants_1 = require("../constants");
+const joi_1 = __importDefault(require("joi"));
+const env_1 = __importDefault(require("../env"));
+const router = express_1.default.Router();
+router.use((0, use_collection_1.default)('directus_shares'));
+const sharedLoginSchema = joi_1.default.object({
+    share: joi_1.default.string().required(),
+    password: joi_1.default.string(),
+}).unknown();
+router.post('/auth', (0, async_handler_1.default)(async (req, res, next) => {
+    // This doesn't use accountability, as the user isn't logged in at this point
+    const service = new services_1.SharesService({
+        schema: req.schema,
+    });
+    const { error } = sharedLoginSchema.validate(req.body);
+    if (error) {
+        throw new exceptions_1.InvalidPayloadException(error.message);
+    }
+    const { accessToken, refreshToken, expires } = await service.login(req.body);
+    res.cookie(env_1.default.REFRESH_TOKEN_COOKIE_NAME, refreshToken, constants_1.COOKIE_OPTIONS);
+    res.locals.payload = { data: { access_token: accessToken, expires } };
+    return next();
+}), respond_1.respond);
+const sharedInviteSchema = joi_1.default.object({
+    share: joi_1.default.string().required(),
+    emails: joi_1.default.array().items(joi_1.default.string()),
+}).unknown();
+router.post('/invite', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        schema: req.schema,
+        accountability: req.accountability,
+    });
+    const { error } = sharedInviteSchema.validate(req.body);
+    if (error) {
+        throw new exceptions_1.InvalidPayloadException(error.message);
+    }
+    await service.invite(req.body);
+    return next();
+}), respond_1.respond);
+router.post('/', (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const savedKeys = [];
+    if (Array.isArray(req.body)) {
+        const keys = await service.createMany(req.body);
+        savedKeys.push(...keys);
+    }
+    else {
+        const key = await service.createOne(req.body);
+        savedKeys.push(key);
+    }
+    try {
+        if (Array.isArray(req.body)) {
+            const items = await service.readMany(savedKeys, req.sanitizedQuery);
+            res.locals.payload = { data: items };
+        }
+        else {
+            const item = await service.readOne(savedKeys[0], req.sanitizedQuery);
+            res.locals.payload = { data: item };
+        }
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+const readHandler = (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const records = await service.readByQuery(req.sanitizedQuery);
+    res.locals.payload = { data: records || null };
+    return next();
+});
+router.get('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
+router.search('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
+router.get(`/info/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        schema: req.schema,
+    });
+    const record = await service.readOne(req.params.pk, {
+        fields: ['id', 'collection', 'item', 'password', 'max_uses', 'times_used', 'date_start', 'date_end'],
+        filter: {
+            _and: [
+                {
+                    _or: [
+                        {
+                            date_start: {
+                                _lte: '$NOW',
+                            },
+                        },
+                        {
+                            date_start: {
+                                _null: true,
+                            },
+                        },
+                    ],
+                },
+                {
+                    _or: [
+                        {
+                            date_end: {
+                                _gte: '$NOW',
+                            },
+                        },
+                        {
+                            date_end: {
+                                _null: true,
+                            },
+                        },
+                    ],
+                },
+            ],
+        },
+    });
+    res.locals.payload = { data: record || null };
+    return next();
+}), respond_1.respond);
+router.get(`/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const record = await service.readOne(req.params.pk, req.sanitizedQuery);
+    res.locals.payload = { data: record || null };
+    return next();
+}), respond_1.respond);
+router.patch('/', (0, validate_batch_1.validateBatch)('update'), (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    let keys = [];
+    if (req.body.keys) {
+        keys = await service.updateMany(req.body.keys, req.body.data);
+    }
+    else {
+        keys = await service.updateByQuery(req.body.query, req.body.data);
+    }
+    try {
+        const result = await service.readMany(keys, req.sanitizedQuery);
+        res.locals.payload = { data: result };
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+router.patch(`/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    const primaryKey = await service.updateOne(req.params.pk, req.body);
+    try {
+        const item = await service.readOne(primaryKey, req.sanitizedQuery);
+        res.locals.payload = { data: item || null };
+    }
+    catch (error) {
+        if (error instanceof exceptions_1.ForbiddenException) {
+            return next();
+        }
+        throw error;
+    }
+    return next();
+}), respond_1.respond);
+router.delete('/', (0, async_handler_1.default)(async (req, _res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    if (Array.isArray(req.body)) {
+        await service.deleteMany(req.body);
+    }
+    else if (req.body.keys) {
+        await service.deleteMany(req.body.keys);
+    }
+    else {
+        await service.deleteByQuery(req.body.query);
+    }
+    return next();
+}), respond_1.respond);
+router.delete(`/:pk(${constants_1.UUID_REGEX})`, (0, async_handler_1.default)(async (req, _res, next) => {
+    const service = new services_1.SharesService({
+        accountability: req.accountability,
+        schema: req.schema,
+    });
+    await service.deleteOne(req.params.pk);
+    return next();
+}), respond_1.respond);
+exports.default = router;

package/dist/controllers/users.js

@@ -62,8 +62,20 @@ const readHandler = (0, async_handler_1.default)(async (req, res, next) => {
 router.get('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
 router.search('/', (0, validate_batch_1.validateBatch)('read'), readHandler, respond_1.respond);
 router.get('/me', (0, async_handler_1.default)(async (req, res, next) => {
-    var _a;
-    if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
+    var _a, _b, _c;
+    if ((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.share_scope) {
+        const user = {
+            share: (_b = req.accountability) === null || _b === void 0 ? void 0 : _b.share,
+            role: {
+                id: req.accountability.role,
+                admin_access: false,
+                app_access: false,
+            },
+        };
+        res.locals.payload = { data: user };
+        return next();
+    }
+    if (!((_c = req.accountability) === null || _c === void 0 ? void 0 : _c.user)) {
         throw new exceptions_1.InvalidCredentialsException();
     }
     const service = new services_1.UsersService({
@@ -108,7 +120,7 @@ router.patch('/me', (0, async_handler_1.default)(async (req, res, next) => {
     res.locals.payload = { data: item || null };
     return next();
 }), respond_1.respond);
-router.patch('/me/track/page', (0, async_handler_1.default)(async (req, res, next) => {
+router.patch('/me/track/page', (0, async_handler_1.default)(async (req, _res, next) => {
     var _a;
     if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
         throw new exceptions_1.InvalidCredentialsException();
@@ -162,7 +174,7 @@ router.patch('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
     }
     return next();
 }), respond_1.respond);
-router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_handler_1.default)(async (req, res, next) => {
+router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_handler_1.default)(async (req, _res, next) => {
     const service = new services_1.UsersService({
         accountability: req.accountability,
         schema: req.schema,
@@ -178,7 +190,7 @@ router.delete('/', (0, validate_batch_1.validateBatch)('delete'), (0, async_hand
     }
     return next();
 }), respond_1.respond);
-router.delete('/:pk', (0, async_handler_1.default)(async (req, res, next) => {
+router.delete('/:pk', (0, async_handler_1.default)(async (req, _res, next) => {
     const service = new services_1.UsersService({
         accountability: req.accountability,
         schema: req.schema,
@@ -191,7 +203,7 @@ const inviteSchema = joi_1.default.object({
     role: joi_1.default.string().uuid({ version: 'uuidv4' }).required(),
     invite_url: joi_1.default.string().uri(),
 });
-router.post('/invite', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/invite', (0, async_handler_1.default)(async (req, _res, next) => {
     const { error } = inviteSchema.validate(req.body);
     if (error)
         throw new exceptions_1.InvalidPayloadException(error.message);
@@ -206,7 +218,7 @@ const acceptInviteSchema = joi_1.default.object({
     token: joi_1.default.string().required(),
     password: joi_1.default.string().required(),
 });
-router.post('/invite/accept', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/invite/accept', (0, async_handler_1.default)(async (req, _res, next) => {
     const { error } = acceptInviteSchema.validate(req.body);
     if (error)
         throw new exceptions_1.InvalidPayloadException(error.message);
@@ -238,7 +250,7 @@ router.post('/me/tfa/generate/', (0, async_handler_1.default)(async (req, res, n
     res.locals.payload = { data: { secret, otpauth_url: url } };
     return next();
 }), respond_1.respond);
-router.post('/me/tfa/enable/', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/me/tfa/enable/', (0, async_handler_1.default)(async (req, _res, next) => {
     var _a;
     if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
         throw new exceptions_1.InvalidCredentialsException();
@@ -256,7 +268,7 @@ router.post('/me/tfa/enable/', (0, async_handler_1.default)(async (req, res, nex
     await service.enableTFA(req.accountability.user, req.body.otp, req.body.secret);
     return next();
 }), respond_1.respond);
-router.post('/me/tfa/disable', (0, async_handler_1.default)(async (req, res, next) => {
+router.post('/me/tfa/disable', (0, async_handler_1.default)(async (req, _res, next) => {
     var _a;
     if (!((_a = req.accountability) === null || _a === void 0 ? void 0 : _a.user)) {
         throw new exceptions_1.InvalidCredentialsException();

package/dist/database/migrations/20211211A-add-shares.d.ts

@@ -0,0 +1,3 @@
+import { Knex } from 'knex';
+export declare function up(knex: Knex): Promise<void>;
+export declare function down(knex: Knex): Promise<void>;

package/dist/database/migrations/20211211A-add-shares.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.down = exports.up = void 0;
+async function up(knex) {
+    await knex.schema.createTable('directus_shares', (table) => {
+        table.uuid('id').primary();
+        table.string('name');
+        table.string('collection', 64).references('collection').inTable('directus_collections').onDelete('CASCADE');
+        table.string('item');
+        table.uuid('role').references('id').inTable('directus_roles').onDelete('CASCADE');
+        table.string('password');
+        table.uuid('user_created').references('id').inTable('directus_users').onDelete('SET NULL');
+        table.timestamp('date_created').defaultTo(knex.fn.now());
+        table.timestamp('date_start');
+        table.timestamp('date_end');
+        table.integer('times_used').defaultTo(0);
+        table.integer('max_uses');
+    });
+    await knex.schema.alterTable('directus_sessions', (table) => {
+        table.dropColumn('data');
+    });
+    await knex.schema.alterTable('directus_sessions', (table) => {
+        table.uuid('user').nullable().alter();
+        table.uuid('share').references('id').inTable('directus_shares').onDelete('CASCADE');
+    });
+}
+exports.up = up;
+async function down(knex) {
+    await knex.schema.alterTable('directus_sessions', (table) => {
+        table.uuid('user').notNullable().alter();
+        table.json('data');
+        table.dropForeign('share');
+        table.dropColumn('share');
+    });
+    await knex.schema.dropTable('directus_shares');
+}
+exports.down = down;

package/dist/database/run-ast.js

@@ -18,7 +18,7 @@ const helpers_1 = require("../database/helpers");
 async function runAST(originalAST, schema, options) {
     const ast = (0, lodash_1.cloneDeep)(originalAST);
     const knex = (options === null || options === void 0 ? void 0 : options.knex) || (0, _1.default)();
-    if (ast.type === 'm2a') {
+    if (ast.type === 'a2o') {
         const results = {};
         for (const collection of ast.names) {
             results[collection] = await run(collection, ast.children[collection], ast.query[collection]);
@@ -85,7 +85,7 @@ async function parseCurrentLevel(schema, collection, children, query) {
         if (child.type === 'm2o') {
             columnsToSelectInternal.push(child.fieldKey);
         }
-        if (child.type === 'm2a') {
+        if (child.type === 'a2o') {
             columnsToSelectInternal.push(child.relation.field);
             columnsToSelectInternal.push(child.relation.meta.one_collection_field);
         }
@@ -182,7 +182,7 @@ function applyParentFilters(schema, nestedCollectionNodes, parentItem) {
                 nestedNode.query.union = [foreignField, foreignIds];
             }
         }
-        else if (nestedNode.type === 'm2a') {
+        else if (nestedNode.type === 'a2o') {
             const keysPerCollection = {};
             for (const parentItem of parentItems) {
                 const collection = parentItem[nestedNode.relation.meta.one_collection_field];
@@ -256,7 +256,7 @@ function mergeWithParentItems(schema, nestedItem, parentItem, nestedNode) {
             parentItem[nestedNode.fieldKey] = itemChildren.length > 0 ? itemChildren : [];
         }
     }
-    else if (nestedNode.type === 'm2a') {
+    else if (nestedNode.type === 'a2o') {
         for (const parentItem of parentItems) {
             if (!((_a = nestedNode.relation.meta) === null || _a === void 0 ? void 0 : _a.one_collection_field)) {
                 parentItem[nestedNode.fieldKey] = null;
@@ -279,7 +279,7 @@ function removeTemporaryFields(schema, rawItem, ast, primaryKeyField, parentItem
     var _a;
     const rawItems = (0, lodash_1.cloneDeep)((0, utils_1.toArray)(rawItem));
     const items = [];
-    if (ast.type === 'm2a') {
+    if (ast.type === 'a2o') {
         const fields = {};
         const nestedCollectionNodes = {};
         for (const relatedCollection of ast.names) {

package/dist/database/system-data/app-access-permissions/app-access-permissions.yaml

@@ -13,18 +13,6 @@
     comment:
       _nnull: true
 
-- collection: directus_collections
-  action: read
-
-- collection: directus_fields
-  action: read
-
-- collection: directus_permissions
-  action: read
-  permissions:
-    role:
-      _eq: $CURRENT_ROLE
-
 - collection: directus_presets
   action: read
   permissions:
@@ -60,9 +48,6 @@
     user:
       _eq: $CURRENT_USER
 
-- collection: directus_relations
-  action: read
-
 - collection: directus_roles
   action: read
   permissions:

package/dist/database/system-data/app-access-permissions/index.d.ts

@@ -1,2 +1,3 @@
 import { Permission } from '@directus/shared/types';
+export declare const schemaPermissions: Permission[];
 export declare const appAccessMinimalPermissions: Permission[];

package/dist/database/system-data/app-access-permissions/index.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.appAccessMinimalPermissions = void 0;
+exports.appAccessMinimalPermissions = exports.schemaPermissions = void 0;
 const lodash_1 = require("lodash");
 const require_yaml_1 = require("../../../utils/require-yaml");
 const defaults = {
@@ -11,5 +11,7 @@ const defaults = {
     fields: ['*'],
     system: true,
 };
+const schemaPermissionsRaw = (0, require_yaml_1.requireYAML)(require.resolve('./schema-access-permissions.yaml'));
 const permissions = (0, require_yaml_1.requireYAML)(require.resolve('./app-access-permissions.yaml'));
-exports.appAccessMinimalPermissions = permissions.map((row) => (0, lodash_1.merge)({}, defaults, row));
+exports.schemaPermissions = schemaPermissionsRaw.map((row) => (0, lodash_1.merge)({}, defaults, row));
+exports.appAccessMinimalPermissions = [...exports.schemaPermissions, ...permissions].map((row) => (0, lodash_1.merge)({}, defaults, row));

package/dist/database/system-data/app-access-permissions/schema-access-permissions.yaml

@@ -0,0 +1,17 @@
+# NOTE: Activity/collections/fields/presets/relations/revisions will have an extra hardcoded filter
+# to filter out collections you don't have read access
+
+- collection: directus_collections
+  action: read
+
+- collection: directus_fields
+  action: read
+
+- collection: directus_permissions
+  action: read
+  permissions:
+    role:
+      _eq: $CURRENT_ROLE
+
+- collection: directus_relations
+  action: read

package/dist/database/system-data/collections/collections.yaml

@@ -65,3 +65,6 @@ data:
     note: $t:directus_collection.directus_panels
   - collection: directus_notifications
     note: $t:directus_collection.directus_notifications
+  - collection: directus_shares
+    icon: share
+    note: $t:directus_collection.directus_shares

package/dist/database/system-data/fields/sessions.yaml

@@ -11,4 +11,4 @@ fields:
     width: half
   - field: user_agent
     width: half
-  - field: data
+  - field: share

package/dist/database/system-data/fields/shares.yaml

@@ -0,0 +1,73 @@
+table: directus_shares
+
+fields:
+  - field: id
+    special: uuid
+    readonly: true
+    hidden: true
+
+  - field: name
+
+  - field: collection
+    width: half
+    hidden: true
+
+  - field: item
+    width: half
+    hidden: true
+
+  - field: role
+    interface: select-dropdown-m2o
+    width: half
+    options:
+      template: '{{name}}'
+      filter:
+        admin_access:
+          _eq: false
+
+  - field: password
+    special: hash,conceal
+    interface: input-hash
+    options:
+      iconRight: lock
+      masked: true
+    width: half
+
+  - field: date_start
+    width: half
+
+  - field: date_end
+    width: half
+
+  - field: max_uses
+    width: half
+
+  - field: times_used
+    width: half
+    readonly: true
+
+  - field: date_created
+    special: date-created
+    width: half
+    readonly: true
+    conditions:
+      - name: notCreatedYet
+        rule:
+          id:
+            _null: true
+        hidden: true
+
+  - field: user_created
+    special: user-created
+    interface: select-dropdown-m2o
+    width: half
+    display: user
+    options:
+      template: '{{avatar.$thumbnail}} {{first_name}} {{last_name}}'
+    readonly: true
+    conditions:
+      - name: notCreatedYet
+        rule:
+          id:
+            _null: true
+        hidden: true

package/dist/database/system-data/fields/users.yaml

@@ -100,7 +100,7 @@ fields:
     options:
       icon: verified_user
       title: $t:fields.directus_users.admin_options
-      color: '#E35169'
+      color: 'var(--danger)'
     special:
       - alias
       - no-data